CN103067918B - Method, device and system of privacy data anonymization in communication network - Google Patents
Method, device and system of privacy data anonymization in communication network Download PDFInfo
- Publication number
- CN103067918B CN103067918B CN201210568522.2A CN201210568522A CN103067918B CN 103067918 B CN103067918 B CN 103067918B CN 201210568522 A CN201210568522 A CN 201210568522A CN 103067918 B CN103067918 B CN 103067918B
- Authority
- CN
- China
- Prior art keywords
- anonymization
- data
- private data
- raw information
- function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
Provided is a method, a device and a system of privacy data anonymization in a communication network. The method of the privacy data anonymization in the communication network comprises the following steps of receiving a directive of opening an anonymization function sent by an anonymization control center, recognizing privacy data in raw information generated by operating business, and carrying out anonymization process of the privacy data in the raw information generated by operating business. When the method, the device and the system of the privacy data anonymization in the communication network are in use, sensitive data in the raw information is processed in an anonymization mode, equipment maintenance businessmen are incapable of restoring the sensitive data form data which are processed in the anonymization mode, and leakage of the sensitive data is avoided.
Description
Technical field
The present invention relates to private data de-identification method, device and be in the communications field, more particularly to a kind of communication network
System.
Background technology
Secret protection has become personal or mechanism's care basic problem, and the appearance of various Data Mining Tools causes privacy
Leakage problem becomes increasingly conspicuous.The mode for generally removing identifier issues data and cannot prevent privacy leakage, and attacker is still
The private data of user can be obtained with very high probability by linked operation.Anonymization is real under current data publication environment
One of major technique of existing secret protection.
In current communication network, substantial amounts of personal information, the such as phone number of user, IMSI are there is
(Intemational Mobile SubscriberIdentification, international mobile subscriber identity, abbreviation IMSI) number,
The IP address of user equipment and the internet records of user etc..Equipment supplier when carrying out communication network and safeguarding, such as fault location
Deng generally requiring the information of crawl signaling aspect is used for the reason for diagnosing problem and occur, but these information generally all can include
People's information, some national legal provisions, personal information data belong to private data, forbid from operator's internal network carrying out
Go, thus can lead to not carry out positioning and the diagnosis of problem using these information.
The content of the invention
The embodiment of the present invention provides private data de-identification method, apparatus and system in a kind of communication network, to solve
The raw information comprising sensitive data forbids being carried away in prior art, therefore communication system cannot be safeguarded not
Foot.
In order to solve above-mentioned technical problem, embodiment of the present invention first aspect provides private data in a kind of communication network
De-identification method, including:
Receive the instruction of the unlatching anonymization function that anonymization control centre sends;
Private data in the raw information that identification operation business is produced;
According to the instruction of the unlatching anonymization function, the private data in the raw information produced to operation business is carried out
Anonymization process.
In the first possible implementation, the private data in the raw information carries out anonymization process
Afterwards, further include:
Non- private data in private data after anonymization is processed, and the raw information, reports to described hideing
Ming Hua control centres.
The first possible implementation with reference to first aspect, it is described to described in second possible implementation
Private data in raw information carries out anonymization process, including:
The raw information is converted into into tree data, the leaf node data of the tree data are including hidden
Private data and non-private data;
Anonymization process is carried out using anonymization function to the private data in the leaf node.With reference to first aspect
Two kinds of possible implementations, in the third possible implementation, to the private data in different leaf nodes using not
Anonymization process is carried out with anonymization function, the different anonymization functions are different Hash mappings.
With reference in a first aspect, in the 4th kind of possible implementation, the raw information that the identification operation business is produced
In private data, including:
The data type of the private data included in the instruction according to anonymization function, identify in the initial data with
The data of the data type matching are private data;Or
Network element side apparatus are pre-configured with the data type of private data, identify in the initial data with the data type
The data of matching are private data.
Second aspect present invention provides the anonymous device of private data in a kind of communication network, including:
Receiver module is indicated, for receiving the instruction of the unlatching anonymization function of anonymization control centre transmission;
Identification module, for the private data in the raw information for recognizing the generation of operation business;
Anonymous processing module, for according to the instruction of the unlatching anonymization function, to the hidden of identification module identification
Private data carry out anonymization process.
In the first possible implementation, also include:
Information reporting module, for the private data after anonymization is processed, and the raw information in non-privacy
Data, report to the anonymization control centre.
With reference to the first possible implementation of second aspect and second aspect, in second possible implementation
In, the anonymous processing module includes:
Date Conversion Unit, by the raw information tree data, the leaf of the tree data are converted into
Node data includes private data and non-private data;
Anonymous processing unit, for being carried out at anonymization using anonymization function to the private data in the leaf node
Reason.
With reference to second possible implementation of second aspect, in the third possible implementation, also include:
The anonymous processing unit includes:
Hash mapping unit, for carrying out anonymity using different anonymization functions to the private data in different leaf nodes
Change is processed, and the different anonymization functions are different Hash mappings.
With reference to second aspect, in the 4th kind of possible implementation, the identification module,
The number of the private data included in the instruction for the anonymization function of being received according to the instruction receiver module
According to type, identify that the data matched with the data type in the initial data are private data;Or
For being pre-configured with the data type of private data, identify what is matched with the data type in the initial data
Data are private data.
Third aspect present invention provides a kind of communication system, including anonymization control centre and second aspect are to second party
Any one device in the 4th kind of possible implementation in face.
Implement the embodiment of the present invention, have the advantages that:
Sensitive data in raw information is carried out into anonymization process, in the data that plant maintenance business cannot be from after anonymization also
Original goes out sensitive data, it is to avoid the leakage of sensitive data, therefore equipment supplier can carry out raw information in operator
Portion's network, meets the legal requirement that operator protects individual privacy, while not affecting the maintenance efficiency of communication equipment.
Description of the drawings
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of private data de-identification method in a kind of communication network of the invention;
Fig. 2 is another schematic flow sheet of private data de-identification method in a kind of communication network of the invention;
Fig. 3 is the schematic diagram that anonymization is processed in Fig. 2;
Fig. 4 is the structural representation of private data de-identification device in a kind of communication network of the invention;
Fig. 5 is another structural representation of private data de-identification device in a kind of communication network of the invention;
Fig. 6 is the structural representation of anonymous processing module in Fig. 5;
Fig. 7 is the structural representation of anonymous processing unit in Fig. 6;
Fig. 8 is a kind of structural representation of communication system of the present invention;
Fig. 9 is the another structural representation of private data de-identification device in a kind of communication network of the invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than the embodiment of whole.It is based on
Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under the premise of creative work is not made
Embodiment, belongs to the scope of protection of the invention.
It is the schematic flow sheet of private data de-identification method in a kind of communication network of the invention referring to Fig. 1, including:
Step 101, the instruction for receiving the unlatching anonymization function that anonymization control centre sends;
Specifically, the equipment of network element side network element is received and is deployed in the unlatching that the anonymization control centre of Element management system sends
The instruction of anonymization function.Here, the equipment of network element side network element is the equipment with Element management system difference, can be in mobile switch
The heart, attaching position register, call conversation control function entity etc.;Element management system can be network management center etc., this
Inventive embodiments are not limited thereto.
Private data in step 102, the raw information of identification service generation;
The data type of the private data that recognition methodss can be included according in the instruction of anonymization function, identifies institute
It is private data to state the data matched with the data type in initial data.Alternatively, the original letter that operation business is produced is recognized
The step for private data in breath, can also can be pre-configured with private data in network element side apparatus before step 101
Data type, raw information is matched with the data type, obtains private data.The embodiment of the present invention is to specific identification
Method is not restricted.
Step 103, according to it is described unlatching anonymization function instruction, to run business produce raw information in privacy
Data carry out anonymization process.
Specifically, the raw information includes private data and non-private data, and the private data includes IMSI, phone
Number, at least one, or other private datas in user's internet records.Network element side apparatus are previously stored with anonymization
Function library, network element side apparatus are when the instruction of unlatching anonymization function of anonymization control centre transmission is received, and loading is described
The data that anonymization function pair operation business in anonymization function library is produced carry out anonymization process.Anonymization process is referred to adopts
The sensitive data in raw information is encrypted with security algorithm, such as hash function, can be different Hash mapping algorithms,
Can also be replacement function, such as to the part position of telephone number asterisk in addition.Publisher will not when these raw informations are issued
The leakage of sensitive data is caused, while the sensitive data in raw information can be reduced again under given conditions.Herein, it is anonymous
The type for changing function is not restricted.In addition, the operation business in the embodiment of the present invention, can be conversed in communication network,
The various signalings of the generations such as online, data transfer.When there is network failure, need to extract these data of operation business generation is carried out
Fault location.
Sensitive data in raw information, i.e. private data, make anonymization and process by network element side apparatus, can be by anonymity
Information after change together with the raw information in non-privacy information externally issue, it is not necessary to worry that sensitive data is compromised.Together
When the non-privacy information in the information after above-mentioned anonymization and raw information can be preserved into local specified file, use
In realizing that network element side apparatus are locally-located.
Alternatively, for multiple network element side apparatus carry out anonymization process, can be by each network element side apparatus to privacy number
According to the data for carrying out being obtained after anonymization, together with raw information in non-privacy information, anonymization control centre is reported, by hideing
Ming Hua control centres are stored as file, for realizing the whole network fault location.
Implement embodiments of the invention, sensitive data in raw information is carried out into anonymization process, plant maintenance business cannot
Sensitive data is restored in data from after anonymization, it is to avoid the leakage of sensitive data, therefore equipment supplier can be upper
State the information after anonymization and the non-privacy information in raw information carries out operator's internal network, meet operator's protection
The legal requirement of individual privacy, while not affecting the maintenance efficiency of communication equipment.
It is that another flow process of private data de-identification method in a kind of communication network of the invention is illustrated referring to Fig. 2 and Fig. 3
Figure, including:
Step 201, the instruction for receiving the unlatching anonymization function that anonymization control centre sends.
Specifically, network element side apparatus receive be deployed in Element management system anonymization control centre send unlatching hide
The instruction of nameization function, the instruction is used to control network element side network element opening of device anonymization function, it is to be understood that work as network element side network element
When equipment receives the instruction of the closing anonymization function of anonymization control centre transmission, network element side apparatus are no longer to running business
The raw information of generation carries out anonymization process.Here, the equipment of network element side network element is the equipment with Element management system difference, can be with
For mobile switching centre, attaching position register, call conversation control function entity etc.;Element management system can be network pipe
Reason center etc., the embodiment of the present invention is not limited thereto.
Private data in the raw information that step 202, identification operation business are produced;
Specifically, in knowing the instruction that method for distinguishing can be the anonymization function of receiving according to the instruction receiver module
Comprising private data data type, identify that the data that match with the data type in the initial data are privacy number
According to;Or the data type of private data is pre-configured with, identify that the data matched with the data type in the initial data are
Private data.The embodiment of the present invention is not restricted to specific recognition methodss.
Step 203, according to it is described unlatching anonymization function instruction, to operation business produce raw information be converted into tree
Shape structured data, the leaf node data of the tree data include private data and non-private data
Specifically, the data type of the raw information of network element side apparatus operation service generation is usually unstructured data,
The message of such as TLV (Type-Length-Value, Tag-Length-Value, abbreviation TLV) form, because the message of the form is
Non-structured data, are difficult to process it and analyzed, it is therefore desirable to be converted into structurized data, follow-up to carry out
Anonymization process.
As shown in figure 3, the signal of the tree data after the raw information conversion also produced for the operation of network element side apparatus
Figure, in the tree data, each leaf node represents each item data in raw information, such as cell-phone number, name, ownership
Ground, IMSI number, IP address and user's internet records etc., these leaf nodes include not only including private data but also including non-
The leaf node of black represents private data in private data, such as figure, and the leaf node of white represents non-private data.Original letter
Breath is converted to after tree data, is easy to computer to process tree data, while it is original to be also easy to inquiry
The private data for needing anonymization to process in information, improves the efficiency of operation.
Step 204, anonymization process, institute are carried out to the private data in different leaf nodes using different anonymization functions
Anonymization function is stated including Hash mapping.
Specifically, the collocation method of anonymization function can specify anonymization function by anonymization control centre, directly
The instruction of the unlatching anonymization function including the anonymization function specified is sent to network element side apparatus;Can also be advance
Anonymization function library is configured in network element device side, while distributing a unique function identification to each anonymization function, is hidden
Ming Hua control centres send the instruction of the unlatching anonymization function of including the function identification, and network element side apparatus are received and call this
The corresponding anonymization function of the function identification in ground anonymization function library.Different anonymization functions can reflect for different Hash
Penetrate, or other kinds of function, the present invention is not restricted.
As shown in figure 3, private data is the leaf node of black in raw information, non-private data is the leaf section of white
Point, such as cell-phone number, name, ownership place, IMSI number and user's internet records belong to private data.The leaf node of private data
Quantity be 5, anonymization function 1, anonymization function 2, anonymization function 3, anonymization function have been respectively configured to 5 nodes
4 and anonymization function 5, respectively different anonymization functions are configured to different private datas so that the loading of network element side apparatus is hidden
The difficulty that the data after anonymization process that nameization function carry out are cracked is increased, and improves the safety of data.Anonymization letter
The method that several load modes can adopt static compilation and dynamic load, prior art is no longer described herein with disclosing.
Step 205, anonymization is processed after private data, and the non-private data in the raw information reports
To the anonymization control centre.
Specifically, in a usual communication system, an Element management system manages several network element side apparatus, both it
Between adopt SOAP (Simple Object Access Protocol, Simple Object Access Protocol, abbreviation SOAP) interface communication.
Network element side apparatus are connect by SFTP (Secure File Transfer Protocol, secure file transportation protocol, abbreviation SFTP)
After mouth or FPTS (File Transfer Protocol over Secure socketslayer) interface process anonymization
Non- private data in private data and the raw information is uploaded to and is deployed in the control of the anonymization of Element management system
The heart, to realize the positioning to the whole network problem and diagnosis.
Implement embodiments of the invention, sensitive data in raw information is carried out into anonymization process, plant maintenance business cannot
Sensitive data is restored in data from after anonymization, it is to avoid the leakage of sensitive data, therefore equipment supplier can be upper
State the information after processing and carry out operator's internal network, the legal requirement that operator protects individual privacy is met, while not shadow
Ring the maintenance efficiency of communication equipment.
It is private data de-identification device in a kind of communication network of the invention, it is characterised in that include referring to Fig. 4:
Receiver module 11 is indicated, for receiving the instruction of the unlatching anonymization function of anonymization control centre transmission.
Specifically, indicate receiver module 11 receive be deployed in Element management system anonymization control centre send open
The instruction of anonymization function is opened, the instruction includes the type of anonymization function and needs the data type of anonymization.
Identification module 12, for the private data in the raw information for recognizing the generation of operation business;
Anonymous processing module 13, for according to the instruction of the unlatching anonymization function, to the hidden of the identification of identification module 12
Private data carry out anonymization process.
Specifically, the raw information includes private data and non-private data, and the private data includes IMSI, phone
Number, at least one, or other private datas in user's internet records.Network element side apparatus are previously stored with anonymization
Function library, instruction receiver module 11 is anonymous when the instruction of unlatching anonymization function of anonymization control centre transmission is received
Processing module 13 loads the data of the anonymization function pair operation business generation in the anonymization function library and carries out at anonymization
Reason.Anonymization process refers to the sensitive data in raw information is encrypted that using security algorithm publisher is issuing these
The leakage of sensitive data is not resulted in during raw information, while the sensitivity in raw information can be reduced again under given conditions
Data.Herein, the type of anonymization function is not restricted.
Sensitive data in raw information, i.e. private data, make anonymization and process by network element side apparatus, can will be described
Raw information is externally issued, it is not necessary to worry that sensitive data is compromised.The raw information is preserved to local is simultaneously specified
In file, to carry out carrying out the maintenance works such as fault location using the raw information during attended operation.
Further, it is the another of private data de-identification device in a kind of communication network of the invention referring to Fig. 5-Fig. 7
Structural representation is planted, in addition to receiver module 11, identification module 12 and anonymous processing module 13 is indicated, is also included:
Information reporting module 14, for the private data after anonymization is processed, and the raw information in it is non-hidden
Private data, report to the anonymization control centre.
Specifically, in a usual communication system, an Element management system manages several network element side apparatus, both it
Between adopt SOAP (Simple Object Access Protocol, Simple Object Access Protocol, abbreviation SOAP) interface communication.
Information reporting module 14 anonymization is processed by SFTP interfaces or FPTS interfaces after private data and the raw information
In non-private data be uploaded to the anonymization control centre for being deployed in Element management system, to realize positioning to the whole network problem
And diagnosis.
Wherein, the anonymous processing module 13 includes:
Date Conversion Unit 131, by the raw information tree data, the leaf of the tree data are converted into
Son node number is according to including private data and non-private data.
Specifically, the data type of the raw information of network element side apparatus operation service generation is usually unstructured data,
The message of such as TLV (Type-Length-Value, Tag-Length-Value, abbreviation TLV) form, because the message of the form is
Non-structured data, are difficult to process it and analyzed, thus Date Conversion Unit 131 need will be non-structured original
Information is converted into structurized data, processes to carry out follow-up anonymization.
Anonymous processing unit 132, for carrying out anonymity using anonymization function to the private data in the leaf node
Change is processed.
Specifically, anonymous processing unit 132 carries out anonymization using the private data in anonymization function pair leaf node
Process, different private datas can configure different anonymization functions, such as different Hash mappings, it is also possible to configure identical
Anonymization function, the present invention is not restricted.
Further, anonymization processing unit 132 includes:
Hash mapping unit 1321, for being carried out using different anonymization functions to the private data in different leaf nodes
Anonymization process, the anonymization function includes Hash mapping.
Specifically, such as the structural data example of Fig. 3, private data is the leaf node of black in raw information, non-hidden
Private data are the leaf node of white, and such as cell-phone number, name, ownership place, IMSI number and user's internet records belong to privacy number
According to.The quantity of the leaf node of private data be 5,5 nodes have been respectively configured anonymization function 1, anonymization function 2,
Anonymization function 3, anonymization function 4 and anonymization function 5, configure different anonymization letters to different private datas respectively
Number, the difficulty that the data after anonymization process that the loading anonymization function of Hash mapping unit 1321 carry out are cracked is increased, and is carried
The high safety of data.The method that the load mode of anonymization function can adopt static compilation and dynamic load, prior art
To disclose, no longer describe herein.
Further, identification module 12 specifically for,
The data class of the private data included in the instruction of the anonymization function of being received according to the instruction receiver module
Type, identifies that the data matched with the data type in the initial data are private data;Or
The data type of private data is pre-configured with, the data matched with the data type in the initial data are identified
For private data.
Implement embodiments of the invention, sensitive data in raw information is carried out into anonymization process, plant maintenance business cannot
Sensitive data is restored in data from after anonymization, it is to avoid the leakage of sensitive data, therefore equipment supplier can be upper
State the information after processing and carry out operator's internal network, the legal requirement that operator protects individual privacy is met, while not shadow
Ring the maintenance efficiency of communication equipment.
It is a kind of structural representation of communication system of the present invention referring to Fig. 8, including anonymization control centre 2 and device
1a-1c, wherein, anonymization control centre is deployed in Element management system side, and device is deployed in network element device side, and device is above-mentioned
Private data de-identification device in communication network in embodiment, the quantity of the device is not restricted.With the He of anonymization control centre 2
As a example by the course of work between device 1a, other devices are consistent with the interaction of anonymization control centre.
Anonymization control centre 2 sends the instruction of a unlatching anonymization function to device 1a, device 1a receives described
When opening the instruction of anonymization function, the private data that the raw information that business of running to network element side apparatus is produced includes is carried out
Anonymization process,.Anonymization process after the completion of, device 1a anonymization is processed by SFTP interfaces or FPTS interfaces after privacy
Non- private data in data and the raw information is uploaded to the anonymization control centre for being deployed in Element management system, with
Element management system is set to realize the positioning to the whole network problem and diagnosis.
Implement embodiments of the invention, sensitive data in raw information is carried out into anonymization process, plant maintenance business cannot
Sensitive data is restored in data from after anonymization, it is to avoid the leakage of sensitive data, therefore equipment supplier can be original
Beginning information carries out operator's internal network, the legal requirement that operator protects individual privacy is met, while not affecting communication to set
Standby maintenance efficiency.
It is the another structural representation of the anonymous device of private data in a kind of communication network of the invention referring to Fig. 9, wraps
Include processor 61, memorizer 62, input equipment 63 and output device 64, the quantity of the processor 61 of device 1 can be one or
Multiple, Fig. 9 is by taking a processor as an example.In some embodiments of the present invention, processor 61, memorizer 62, the and of input equipment 63
Output device 64 can be connected by bus or other modes, in Fig. 9 by taking bus connection as an example.
Wherein, batch processing code is stored in memorizer 62, and processor 61 is used to call the journey stored in memorizer 62
Sequence code, for performing following operation:
Receive the instruction of the unlatching anonymization function that anonymization control centre sends;
Private data in the raw information that identification operation business is produced;
According to the instruction of the unlatching anonymization function, the private data in the raw information produced to operation business is carried out
Anonymization process.
In some embodiments of the invention, processor 61 is additionally operable to perform:Private data after anonymization is processed, with
And the non-private data in the raw information, report to the anonymization control centre.
In some embodiments of the invention, processor 61 is specifically for performing:
The raw information is converted into into tree data, the leaf node data of the tree data are including hidden
Private data and non-private data;
Anonymization process is carried out using anonymization function to the private data in the leaf node.
In some embodiments of the invention, processor 61 is specifically for performing:
Anonymization process is carried out using different anonymization functions to the private data in different leaf nodes, the difference is hidden
Nameization function is different Hash mappings.
In some embodiments of the invention, processor 61 is specifically for performing:
The data type of the private data included in the instruction according to anonymization function, identify in the initial data with
The data of the data type matching are private data;Or
Network element side apparatus are pre-configured with the data type of private data, identify in the initial data with the data type
The data of matching are private data.
Implement embodiments of the invention, sensitive data in raw information is carried out into anonymization process, plant maintenance business cannot
Sensitive data is restored in data from after anonymization, it is to avoid the leakage of sensitive data, therefore equipment supplier can be upper
State the information after processing and carry out operator's internal network, the legal requirement that operator protects individual privacy is met, while not shadow
Ring the maintenance efficiency of communication equipment.
One of ordinary skill in the art will appreciate that realizing all or part of flow process in above-described embodiment method, can be
Related hardware is instructed to complete by computer program, described program can be stored in a computer read/write memory medium
In, the program is upon execution, it may include such as the flow process of the embodiment of above-mentioned each method.Wherein, described storage medium can be magnetic
Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
Above disclosed is only a kind of preferred embodiment of the invention, can not limit the power of the present invention with this certainly
Sharp scope, one of ordinary skill in the art will appreciate that all or part of flow process of above-described embodiment is realized, and according to present invention power
Profit requires made equivalent variations, still falls within the covered scope of invention.
Claims (5)
1. private data de-identification method in a kind of communication network, it is characterised in that include:
Receive the instruction of the unlatching anonymization function that anonymization control centre sends;
The data type of the private data included in the instruction according to anonymization function, identify in raw information with the data class
The data of type matching are private data;
According to the instruction of the unlatching anonymization function, the private data in the raw information produced to operation business carries out anonymity
Change is processed;
Wherein, the private data in the raw information carries out anonymization process, including:
The raw information is converted into into tree data, the leaf node data of the tree data include privacy number
According to non-private data;
Anonymization process, the different anonymizations are carried out using different anonymization functions to the private data in different leaf nodes
Function is different Hash mappings.
2. the method for claim 1, it is characterised in that the private data in the raw information carries out anonymity
After change is processed, further include:
Non- private data in private data after anonymization is processed, and the raw information, reports to the anonymization
Control centre.
3. the anonymous device of private data in a kind of communication network, it is characterised in that include:
Receiver module is indicated, for receiving the instruction of the unlatching anonymization function of anonymization control centre transmission;
Identification module, the private data included in the instruction for the anonymization function of being received according to the instruction receiver module
Data type, identify that the data that match with the data type in raw information are private data;
Anonymous processing module, for according to the instruction of the unlatching anonymization function, the privacy number to identification module identification
According to carrying out anonymization process;
Wherein, the anonymous processing module includes:
Date Conversion Unit, by the raw information tree data, the leaf node of the tree data are converted into
Data include private data and non-private data;
Anonymous processing unit, for being carried out at anonymization using different anonymization functions to the private data in different leaf nodes
Reason, the different anonymization functions are different Hash mappings.
4. device as claimed in claim 3, it is characterised in that also include:
Information reporting module, for the private data after anonymization is processed, and the raw information in non-private data,
Report to the anonymization control centre.
5. a kind of communication system, it is characterised in that the device including anonymization control centre and as described in claim 3 or 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210568522.2A CN103067918B (en) | 2012-12-25 | 2012-12-25 | Method, device and system of privacy data anonymization in communication network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210568522.2A CN103067918B (en) | 2012-12-25 | 2012-12-25 | Method, device and system of privacy data anonymization in communication network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103067918A CN103067918A (en) | 2013-04-24 |
| CN103067918B true CN103067918B (en) | 2017-04-12 |
Family
ID=48110344
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210568522.2A Active CN103067918B (en) | 2012-12-25 | 2012-12-25 | Method, device and system of privacy data anonymization in communication network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103067918B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8645763B2 (en) * | 2011-09-12 | 2014-02-04 | Microsoft Corporation | Memory dump with expanded data and user privacy protection |
| CN107111616A (en) * | 2014-09-26 | 2017-08-29 | 上海贝尔股份有限公司 | The secret protection of third party's data sharing |
| CN104410532A (en) * | 2014-12-12 | 2015-03-11 | 携程计算机技术(上海)有限公司 | Server and log filtering method thereof |
| CN106162624A (en) * | 2015-04-15 | 2016-11-23 | 宇龙计算机通信科技(深圳)有限公司 | The method of secret protection, device and mobile terminal in communication process |
| EP3347884A4 (en) * | 2015-09-07 | 2019-01-23 | Nokia Technologies OY | Privacy preserving monitoring |
| CN105553979A (en) * | 2015-12-15 | 2016-05-04 | 国网智能电网研究院 | Encryption publishing method for privacy information in smart power grid |
| CN107357943B (en) * | 2016-05-10 | 2021-11-30 | 中国移动通信集团湖北有限公司 | Data fuzzification method and device |
| CN107995616B (en) * | 2016-10-27 | 2021-05-18 | 中国电信股份有限公司 | User behavior data processing method and device |
| CN107547513B (en) * | 2017-07-14 | 2021-02-05 | 新华三信息安全技术有限公司 | Message processing method, device, network equipment and storage medium |
| CN108924091A (en) * | 2018-06-06 | 2018-11-30 | 深圳市血之缘医疗科技有限公司 | Method for authenticating user identity and Related product |
| CN113055930B (en) * | 2021-03-09 | 2022-12-27 | Oppo广东移动通信有限公司 | Data processing method, communication device, server, and storage medium |
| CN116149235B (en) * | 2023-04-03 | 2023-07-18 | 艾欧史密斯(中国)热水器有限公司 | Data processing method of household appliance system, controller and household appliance system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101473625A (en) * | 2006-06-20 | 2009-07-01 | 阿尔卡特朗讯公司 | Secure domain information protection apparatus and methods |
| CN101911591A (en) * | 2008-01-15 | 2010-12-08 | 微软公司 | Preventing secure data from leaving a network perimeter |
| CN102480481A (en) * | 2010-11-26 | 2012-05-30 | 腾讯科技(深圳)有限公司 | Method and device for improving security of product user data |
| CN103037428A (en) * | 2011-09-29 | 2013-04-10 | 北京三星通信技术研究有限公司 | Method of achieving Mobile Data Terminal (MDT) measurement anonymity report |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101091369B (en) * | 2004-12-22 | 2012-11-14 | 艾利森电话股份有限公司 | Means and method for control of personal data |
| US8560456B2 (en) * | 2005-12-02 | 2013-10-15 | Credigy Technologies, Inc. | System and method for an anonymous exchange of private data |
| WO2008044790A1 (en) * | 2006-10-06 | 2008-04-17 | Nec Corporation | Communication device, communication system, communication method and communication program |
-
2012
- 2012-12-25 CN CN201210568522.2A patent/CN103067918B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101473625A (en) * | 2006-06-20 | 2009-07-01 | 阿尔卡特朗讯公司 | Secure domain information protection apparatus and methods |
| CN101911591A (en) * | 2008-01-15 | 2010-12-08 | 微软公司 | Preventing secure data from leaving a network perimeter |
| CN102480481A (en) * | 2010-11-26 | 2012-05-30 | 腾讯科技(深圳)有限公司 | Method and device for improving security of product user data |
| CN103037428A (en) * | 2011-09-29 | 2013-04-10 | 北京三星通信技术研究有限公司 | Method of achieving Mobile Data Terminal (MDT) measurement anonymity report |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103067918A (en) | 2013-04-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103067918B (en) | Method, device and system of privacy data anonymization in communication network | |
| US9979705B2 (en) | Caller-identity based security | |
| CN102209326B (en) | Malicious behavior detection method and system based on smartphone radio interface layer | |
| CN109525608A (en) | Log reporting method and device, blog management method and device and terminal device | |
| WO2016101384A1 (en) | Dual-system switch based data security processing method and apparatus | |
| US20030198326A1 (en) | Masked phone service with mask phone number | |
| CN104216761B (en) | It is a kind of that the method for sharing equipment is used in the device that can run two kinds of operating system | |
| CN108183901B (en) | FPGA-based host security protection physical card and data processing method thereof | |
| CN204350029U (en) | Data interaction system | |
| CN1869927B (en) | Device controller, method for controlling a device, and program therefor | |
| CN104038613A (en) | Method and apparatus for information security management | |
| CN103491532A (en) | Cooperative privacy protection method and system based on Android platform | |
| CN107404580A (en) | A kind of method, storage medium and equipment for intercepting harassing call number and short message | |
| Sun et al. | A survey of iot privacy security: Architecture, technology, challenges, and trends | |
| CN108540591A (en) | Address book management method, address book management device and electronic equipment | |
| CN112966303A (en) | Data encryption and decryption method and device, electronic equipment and computer storage medium | |
| CN117151736A (en) | Anti-electricity fraud management early warning method and system | |
| CN111597584A (en) | Privacy protection and data sharing method, device and equipment based on block chain | |
| WO2013185348A1 (en) | Method and device for processing charging data | |
| CN114697052B (en) | Network protection method and device | |
| CN113518155B (en) | Outbound method, device, equipment and medium based on privacy conversation protection platform | |
| CN112333144B (en) | Data security system and method of communication module | |
| CN108769434A (en) | Call processing method, apparatus and system | |
| CN105848143A (en) | Dual-system integrated smart mobile phone and private information processing method thereof | |
| CN113067951B (en) | Terminal communication management method and device, computer equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |